Advanced Malware

The data ingested from Advanced Malware event sources are similar to Virus Scan data in that they are also used for analytics and allows you to track which users and assets are infected frequently.

However, Advanced Malware data includes network level detection of infected assets, and is of a higher fidelity when gathering data.

At this time, the Insight Platform has a log parser for FireEye NX. However, if you have a malware detection module as part of your firewall, those events can be forwarded as part of the regular firewall traffic.